Re: [VOTE] 8.0.x EOL - 30 June 2018
Le 23/06/2017 à 21:15, Christopher Schultz a écrit : > The idea was to encourage package repository maintainers to migrate to > Tomcat 8.5. If we never sundown Tomcat 8.0, they'll never move (witness > the presence of Tomcat 6.0 still lurking around half the Internet). As far as Debian is concerned, the migration to Tomcat 8.5 did happen in Debian 9. But Debian 8 users are stuck with Tomcat 8.0.x until June 2020. Tomcat 8.5 isn't a drop-in replacement for Tomcat 8.0 unfortunately, so it's a bit difficult to push this upgrade in a stable distribution. Emmanuel Bourg - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60461] SIGSEGV in SSLSocket.getInfos
https://bz.apache.org/bugzilla/show_bug.cgi?id=60461 Remy Maucheratchanged: What|Removed |Added Status|NEW |RESOLVED Resolution|--- |FIXED --- Comment #37 from Remy Maucherat --- I think this should be fixed by syncing for now. The changes are now included for APR and OpenSSL in 9M23 and 8.5.17. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1799710 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/AprEndpoint.java java/org/apache/tomcat/util/net/AprSSLSupport.java webapps/docs/changelog.xml
Author: remm Date: Fri Jun 23 21:36:16 2017 New Revision: 1799710 URL: http://svn.apache.org/viewvc?rev=1799710=rev Log: 60461: Sync SSL session access for the APR connector. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/AprSSLSupport.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Jun 23 21:36:16 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
svn commit: r1799709 - in /tomcat/trunk: java/org/apache/tomcat/util/net/AprEndpoint.java java/org/apache/tomcat/util/net/AprSSLSupport.java webapps/docs/changelog.xml
Author: remm Date: Fri Jun 23 21:34:50 2017 New Revision: 1799709 URL: http://svn.apache.org/viewvc?rev=1799709=rev Log: 60461: Sync SSL session access for the APR connector. Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java tomcat/trunk/java/org/apache/tomcat/util/net/AprSSLSupport.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?rev=1799709=1799708=1799709=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java Fri Jun 23 21:34:50 2017 @@ -2761,5 +2761,44 @@ public class AprEndpoint extends Abstrac public void setAppReadBufHandler(ApplicationBufferHandler handler) { // no-op } + +String getSSLInfoS(int id) { +synchronized (closedLock) { +if (closed) { +return null; +} +try { +return SSLSocket.getInfoS(getSocket().longValue(), id); +} catch (Exception e) { +throw new IllegalStateException(e); +} +} +} + +int getSSLInfoI(int id) { +synchronized (closedLock) { +if (closed) { +return 0; +} +try { +return SSLSocket.getInfoI(getSocket().longValue(), id); +} catch (Exception e) { +throw new IllegalStateException(e); +} +} +} + +byte[] getSSLInfoB(int id) { +synchronized (closedLock) { +if (closed) { +return null; +} +try { +return SSLSocket.getInfoB(getSocket().longValue(), id); +} catch (Exception e) { +throw new IllegalStateException(e); +} +} +} } } Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AprSSLSupport.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AprSSLSupport.java?rev=1799709=1799708=1799709=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/AprSSLSupport.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/AprSSLSupport.java Fri Jun 23 21:34:50 2017 @@ -22,7 +22,6 @@ import java.security.cert.CertificateFac import java.security.cert.X509Certificate; import org.apache.tomcat.jni.SSL; -import org.apache.tomcat.jni.SSLSocket; /** * Implementation of SSLSupport for APR. @@ -32,11 +31,11 @@ import org.apache.tomcat.jni.SSLSocket; */ public class AprSSLSupport implements SSLSupport { -private final SocketWrapperBase socketWrapper; +private final AprEndpoint.AprSocketWrapper socketWrapper; private final String clientCertProvider; -public AprSSLSupport(SocketWrapperBase socketWrapper, String clientCertProvider) { +public AprSSLSupport(AprEndpoint.AprSocketWrapper socketWrapper, String clientCertProvider) { this.socketWrapper = socketWrapper; this.clientCertProvider = clientCertProvider; } @@ -44,12 +43,8 @@ public class AprSSLSupport implements SS @Override public String getCipherSuite() throws IOException { -long socketRef = socketWrapper.getSocket().longValue(); -if (socketRef == 0) { -return null; -} try { -return SSLSocket.getInfoS(socketRef, SSL.SSL_INFO_CIPHER); +return socketWrapper.getSSLInfoS(SSL.SSL_INFO_CIPHER); } catch (Exception e) { throw new IOException(e); } @@ -58,15 +53,10 @@ public class AprSSLSupport implements SS @Override public X509Certificate[] getPeerCertificateChain() throws IOException { -long socketRef = socketWrapper.getSocket().longValue(); -if (socketRef == 0) { -return null; -} - try { // certLength == -1 indicates an error -int certLength = SSLSocket.getInfoI(socketRef, SSL.SSL_INFO_CLIENT_CERT_CHAIN); -byte[] clientCert = SSLSocket.getInfoB(socketRef, SSL.SSL_INFO_CLIENT_CERT); +int certLength = socketWrapper.getSSLInfoI(SSL.SSL_INFO_CLIENT_CERT_CHAIN); +byte[] clientCert = socketWrapper.getSSLInfoB(SSL.SSL_INFO_CLIENT_CERT); X509Certificate[] certs = null; if (clientCert != null && certLength > -1) { certs = new X509Certificate[certLength + 1]; @@ -78,7 +68,7 @@ public class AprSSLSupport implements SS } certs[0] =
svn commit: r1799705 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/catalina/connector/Request.java java/org/apache/catalina/util/TLSUtil.java java/org/apache/catalina/valves/AbstractAccessLogValve.ja
Author: markt Date: Fri Jun 23 21:15:38 2017 New Revision: 1799705 URL: http://svn.apache.org/viewvc?rev=1799705=rev Log: When the access log valve logs a TLS related request attribute and the NIO2 connector is used with OpenSSL, ensure that the TLS attributes are available to the access log valve when the connection is closing. Added: tomcat/tc8.5.x/trunk/java/org/apache/catalina/util/TLSUtil.java - copied unchanged from r1799704, tomcat/trunk/java/org/apache/catalina/util/TLSUtil.java Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/catalina/connector/Request.java tomcat/tc8.5.x/trunk/java/org/apache/catalina/valves/AbstractAccessLogValve.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Jun 23 21:15:38 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
svn commit: r1799704 - in /tomcat/trunk: java/org/apache/catalina/connector/Request.java java/org/apache/catalina/util/TLSUtil.java java/org/apache/catalina/valves/AbstractAccessLogValve.java webapps/
Author: markt Date: Fri Jun 23 21:14:43 2017 New Revision: 1799704 URL: http://svn.apache.org/viewvc?rev=1799704=rev Log: When the access log valve logs a TLS related request attribute and the NIO2 connector is used with OpenSSL, ensure that the TLS attributes are available to the access log valve when the connection is closing. Added: tomcat/trunk/java/org/apache/catalina/util/TLSUtil.java (with props) Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java tomcat/trunk/java/org/apache/catalina/valves/AbstractAccessLogValve.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/connector/Request.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?rev=1799704=1799703=1799704=diff == --- tomcat/trunk/java/org/apache/catalina/connector/Request.java (original) +++ tomcat/trunk/java/org/apache/catalina/connector/Request.java Fri Jun 23 21:14:43 2017 @@ -85,6 +85,7 @@ import org.apache.catalina.core.AsyncCon import org.apache.catalina.mapper.MappingData; import org.apache.catalina.util.ParameterMap; import org.apache.catalina.util.RequestUtil; +import org.apache.catalina.util.TLSUtil; import org.apache.catalina.util.URLEncoder; import org.apache.coyote.ActionCode; import org.apache.coyote.UpgradeToken; @@ -855,48 +856,46 @@ public class Request implements HttpServ */ @Override public Object getAttribute(String name) { - // Special attributes SpecialAttributeAdapter adapter = specialAttributes.get(name); if (adapter != null) { return adapter.get(this, name); } -Object attr=attributes.get(name); +Object attr = attributes.get(name); -if(attr!=null) { +if (attr != null) { return attr; } -attr = coyoteRequest.getAttribute(name); -if(attr != null) { +attr = coyoteRequest.getAttribute(name); +if (attr != null) { return attr; } -if( isSSLAttribute(name) || name.equals(SSLSupport.PROTOCOL_VERSION_KEY)) { -coyoteRequest.action(ActionCode.REQ_SSL_ATTRIBUTE, - coyoteRequest); +if (TLSUtil.isTLSRequestAttribute(name)) { +coyoteRequest.action(ActionCode.REQ_SSL_ATTRIBUTE, coyoteRequest); attr = coyoteRequest.getAttribute(Globals.CERTIFICATES_ATTR); -if( attr != null) { +if (attr != null) { attributes.put(Globals.CERTIFICATES_ATTR, attr); } attr = coyoteRequest.getAttribute(Globals.CIPHER_SUITE_ATTR); -if(attr != null) { +if (attr != null) { attributes.put(Globals.CIPHER_SUITE_ATTR, attr); } attr = coyoteRequest.getAttribute(Globals.KEY_SIZE_ATTR); -if(attr != null) { +if (attr != null) { attributes.put(Globals.KEY_SIZE_ATTR, attr); } attr = coyoteRequest.getAttribute(Globals.SSL_SESSION_ID_ATTR); -if(attr != null) { +if (attr != null) { attributes.put(Globals.SSL_SESSION_ID_ATTR, attr); } attr = coyoteRequest.getAttribute(Globals.SSL_SESSION_MGR_ATTR); -if(attr != null) { +if (attr != null) { attributes.put(Globals.SSL_SESSION_MGR_ATTR, attr); } attr = coyoteRequest.getAttribute(SSLSupport.PROTOCOL_VERSION_KEY); -if(attr != null) { +if (attr != null) { attributes.put(SSLSupport.PROTOCOL_VERSION_KEY, attr); } attr = attributes.get(name); @@ -911,18 +910,6 @@ public class Request implements HttpServ return coyoteRequest.getContentLengthLong(); } -/** - * Test if a given name is one of the special Servlet-spec SSL attributes. - * - * @return true if this is a special SSL attribute - */ -static boolean isSSLAttribute(String name) { -return Globals.CERTIFICATES_ATTR.equals(name) || -Globals.CIPHER_SUITE_ATTR.equals(name) || -Globals.KEY_SIZE_ATTR.equals(name) || -Globals.SSL_SESSION_ID_ATTR.equals(name) || -Globals.SSL_SESSION_MGR_ATTR.equals(name); -} /** * Return the names of all request attributes for this Request, or an Added: tomcat/trunk/java/org/apache/catalina/util/TLSUtil.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/util/TLSUtil.java?rev=1799704=auto == --- tomcat/trunk/java/org/apache/catalina/util/TLSUtil.java (added) +++ tomcat/trunk/java/org/apache/catalina/util/TLSUtil.java Fri Jun 23 21:14:43 2017 @@ -0,0 +1,43 @@ +/* + * Licensed to
svn commit: r1799703 - in /tomcat/tc8.5.x/trunk: ./ java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java webapps/docs/changelog.xml
Author: markt Date: Fri Jun 23 21:07:51 2017 New Revision: 1799703 URL: http://svn.apache.org/viewvc?rev=1799703=rev Log: The SSL session ID can be null when OpenSSL is using session tickets. Therefore, remove the check that throws an ISE if the session ID is found to be null. Modified: tomcat/tc8.5.x/trunk/ (props changed) tomcat/tc8.5.x/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java tomcat/tc8.5.x/trunk/webapps/docs/changelog.xml Propchange: tomcat/tc8.5.x/trunk/ -- --- svn:mergeinfo (original) +++ svn:mergeinfo Fri Jun 23 21:07:51 2017 @@ -1 +1 @@ -/tomcat/trunk:1734785,1734799,1734845,1734928,1735041,1735044,1735480,1735577,1735597,1735599-1735600,1735615,1736145,1736162,1736209,1736280,1736297,1736299,1736489,1736646,1736703,1736836,1736849,1737104-1737105,1737112,1737117,1737119-1737120,1737155,1737157,1737192,1737280,1737339,1737632,1737664,1737715,1737748,1737785,1737834,1737860,1737903,1737959,1738005,1738007,1738014-1738015,1738018,1738022,1738039,1738043,1738059-1738060,1738147,1738149,1738174-1738175,1738261,1738589,1738623-1738625,1738643,1738816,1738850,1738855,1738946-1738948,1738953-1738954,1738979,1738982,1739079-1739081,1739087,1739113,1739153,1739172,1739176,1739191,1739474,1739726,1739762,1739775,1739814,1739817-1739818,1739975,1740131,1740324,1740465,1740495,1740508-1740509,1740520,1740535,1740707,1740803,1740810,1740969,1740980,1740991,1740997,1741015,1741033,1741036,1741058,1741060,1741080,1741147,1741159,1741164,1741173,1741181,1741190,1741197,1741202,1741208,1741213,1741221,1741225,1741232,1741409,1741501 ,1741677,1741892,1741896,1741984,1742023,1742042,1742071,1742090,1742093,1742101,1742105,1742111,1742139,1742146,1742148,1742166,1742181,1742184,1742187,1742246,1742248-1742251,1742263-1742264,1742268,1742276,1742369,1742387,1742448,1742509-1742512,1742917,1742919,1742933,1742975-1742976,1742984,1742986,1743019,1743115,1743117,1743124-1743125,1743134,1743425,1743554,1743679,1743696-1743698,1743700-1743701,1744058,1744064-1744065,1744125,1744194,1744229,1744270,1744323,1744432,1744684,1744697,1744705,1744713,1744760,1744786,1745083,1745142-1745143,1745145,1745177,1745179-1745180,1745227,1745248,1745254,1745337,1745467,1745473,1745535,1745576,1745735,1745744,1746304,1746306-1746307,1746319,1746327,1746338,1746340-1746341,1746344,1746427,1746441,1746473,1746490,1746492,1746495-1746496,1746499-1746501,1746503-1746507,1746509,1746549,1746551,1746554,1746556,1746558,1746584,1746620,1746649,1746724,1746939,1746989,1747014,1747028,1747035,1747210,1747225,1747234,1747253,1747404,1747506,1747 536,1747924,1747980,1747993,1748001,1748253,1748452,1748547,1748629,1748676,1748715,1749287,1749296,1749328,1749373,1749465,1749506,1749508,1749665-1749666,1749763,1749865-1749866,1749898,1749978,1749980,1750011,1750015,1750056,1750480,1750617,1750634,1750692,1750697,1750700,1750703,1750707,1750714,1750718,1750723,1750774,1750899,1750975,1750995,1751061,1751097,1751173,1751438,1751447,1751463,1751702,1752212,1752737,1752745,1753078,1753080,1753358,1753363,1754111,1754140-1754141,1754281,1754310,1754445,1754467,1754494,1754496,1754528,1754532-1754533,1754613,1754714,1754874,1754941,1754944,1754950-1754951,1755005,1755007,1755009,1755132,1755180-1755181,1755185,1755190,1755204-1755206,1755208,1755214,1755224,1755227,1755230,1755629,1755646-1755647,1755650,1755653,1755675,1755680,1755683,1755693,1755717,1755731-1755737,1755812,1755828,1755884,1755890,1755918-1755919,1755942,1755958,1755960,1755970,1755993,1756013,1756019,1756039,1756056,1756083-1756114,1756175,1756288-1756289,1756408-1 756410,1756778,1756798,1756878,1756898,1756939,1757123-1757124,1757126,1757128,1757132-1757133,1757136,1757145,1757167-1757168,1757175,1757180,1757182,1757195,1757271,1757278,1757347,1757353-1757354,1757363,1757374,1757399,1757406,1757408,1757485,1757495,1757499,1757527,1757578,1757684,1757722,1757727,1757790,1757799,1757813,1757853,1757883,1757903,1757976,1757997,1758000,1758058,1758072-1758075,1758078-1758079,1758223,1758257,1758261,1758276,1758292,1758369,1758378-1758383,1758421,1758423,1758425-1758427,1758430,1758443,1758448,1758459,1758483,1758486-1758487,1758499,1758525,1758556,1758580,1758582,1758584,1758588,1758842,1759019,1759212,1759224,1759227,1759252,1759274,1759513-1759516,1759611,1759757,1759785-1759790,1760005,1760022,1760109-1760110,1760135,1760200-1760201,1760227,1760300,1760397,1760446,1760454,1760640,1760648,1761057,1761422,1761491,1761498,1761500-1761501,1761550,1761553,1761572,1761574,1761625-1761626,1761628,1761682,1761740,1761752,1762051-1762053,1762123,176216
svn commit: r1799702 - /tomcat/trunk/webapps/docs/changelog.xml
Author: markt Date: Fri Jun 23 21:05:27 2017 New Revision: 1799702 URL: http://svn.apache.org/viewvc?rev=1799702=rev Log: Changelog entry for r1799701 Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1799702=1799701=1799702=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jun 23 21:05:27 2017 @@ -56,6 +56,11 @@ Add LoadBalancerDrainingValve, a Valve designed to reduce the amount of time required for a node to drain its authenticated users. (schultz) + +Do not log a warning when a null session is returned for an +OpenSSL based TLS session since this is expected when session tickets +are enabled. (markt) + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1799701 - /tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
Author: markt Date: Fri Jun 23 21:02:37 2017 New Revision: 1799701 URL: http://svn.apache.org/viewvc?rev=1799701=rev Log: The SSL session ID can be null when OpenSSL is using session tickets. Therefore, remove the check that throws an ISE if the session ID is found to be null. Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java Modified: tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java?rev=1799701=1799700=1799701=diff == --- tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java Fri Jun 23 21:02:37 2017 @@ -1048,10 +1048,7 @@ public final class OpenSSLEngine extends } id = SSL.getSessionId(ssl); } -if (id == null) { -// The id should never be null, if it was null then the SESSION itself was not valid. -throw new IllegalStateException(sm.getString("engine.noSession")); -} + return id; } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] 8.0.x EOL - 30 June 2018
Emmanuel, On 6/23/17 11:35 AM, Emmanuel Bourg wrote: > Le 23/06/2017 à 16:29, Christopher Schultz a écrit : > >> Can you clarify: you voted to NOT ANNOUNCE Tomcat 8.0 EOL now, but it's >> not very kind to consumers to surprise them in 2018 by saying "security >> patches only" sometime later. >> >> Why not state NOW that we will be EOLing Tomcat 8.0 in 2018 and starting >> NOW we will only provide security patches for it? > > My concern is to keep having security support for Tomcat 8.0.x because > it will still be used by Linux distributions beyond June 2018 (and > probably others). Tomcat 8.0.x will be only 4 years old at this date, > that's a rather short life by Tomcat standards. > > I wouldn't mind if feature updates stopped right now and if 8.0.x > received only security updates from now on (be it EOLed next year or > not). That would simplify the maintenance and encourage people to > upgrade to 8.5. The idea was to encourage package repository maintainers to migrate to Tomcat 8.5. If we never sundown Tomcat 8.0, they'll never move (witness the presence of Tomcat 6.0 still lurking around half the Internet). -chris signature.asc Description: OpenPGP digital signature
[Bug 61212] Slow application boot time due to constant jar file content read
https://bz.apache.org/bugzilla/show_bug.cgi?id=61212 Mark Thomaschanged: What|Removed |Added Resolution|--- |DUPLICATE Status|NEW |RESOLVED --- Comment #3 from Mark Thomas --- *** This bug has been marked as a duplicate of bug 60963 *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 60963] Optimize class loading for unpackWARs=false case
https://bz.apache.org/bugzilla/show_bug.cgi?id=60963 Mark Thomaschanged: What|Removed |Added CC||abruzgu...@eisgroup.com --- Comment #21 from Mark Thomas --- *** Bug 61212 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] 8.0.x EOL - 30 June 2018
Le 23/06/2017 à 16:29, Christopher Schultz a écrit : > Can you clarify: you voted to NOT ANNOUNCE Tomcat 8.0 EOL now, but it's > not very kind to consumers to surprise them in 2018 by saying "security > patches only" sometime later. > > Why not state NOW that we will be EOLing Tomcat 8.0 in 2018 and starting > NOW we will only provide security patches for it? My concern is to keep having security support for Tomcat 8.0.x because it will still be used by Linux distributions beyond June 2018 (and probably others). Tomcat 8.0.x will be only 4 years old at this date, that's a rather short life by Tomcat standards. I wouldn't mind if feature updates stopped right now and if 8.0.x received only security updates from now on (be it EOLed next year or not). That would simplify the maintenance and encourage people to upgrade to 8.5. Emmanuel Bourg - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] 8.0.x EOL - 30 June 2018
All, On 6/22/17 11:18 AM, Mark Thomas wrote: > We had a couple of threads discussing this. I think it is time for a > vote.> > [X] +1 We should announce 8.0.x EOL for 30 June 2018 > [ ] -1 We should announce 8.0.x EOL for [insert date here] > [ ] -1 We should not announce 8.0.x EOL at this time I think Tomcat 8.0 can go into maintenance mode (i.e. security-only) fairly soon. -chris signature.asc Description: OpenPGP digital signature
Re: [VOTE] 8.0.x EOL - 30 June 2018
Emmanuel, On 6/22/17 11:51 AM, Emmanuel Bourg wrote: > Le 22/06/2017 à 17:18, Mark Thomas a écrit : > >> [X] -1 We should not announce 8.0.x EOL at this time > > I'd prefer security only releases for Tomcat 8.0.x beyond 30 June 2018 > (or even sooner). Can you clarify: you voted to NOT ANNOUNCE Tomcat 8.0 EOL now, but it's not very kind to consumers to surprise them in 2018 by saying "security patches only" sometime later. Why not state NOW that we will be EOLing Tomcat 8.0 in 2018 and starting NOW we will only provide security patches for it? -chris signature.asc Description: OpenPGP digital signature
svn commit: r1799678 - /tomcat/trunk/webapps/docs/changelog.xml
Author: schultz Date: Fri Jun 23 14:25:09 2017 New Revision: 1799678 URL: http://svn.apache.org/viewvc?rev=1799678=rev Log: Move changelog entry to correct version after review by markt. Modified: tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1799678=1799677=1799678=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jun 23 14:25:09 2017 @@ -58,6 +58,14 @@ + + + +61127Allow human-readable names for channelSendOptions and +mapSendOptions. Patch provided by Igal Sapir. (schultz) + + + @@ -243,14 +251,6 @@ - - - -61127Allow human-readable names for channelSendOptions and -mapSendOptions. Patch provided by Igal Sapir. (schultz) - - - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1799677 - in /tomcat/trunk: java/org/apache/catalina/valves/LoadBalancerDrainingValve.java webapps/docs/changelog.xml
Author: schultz Date: Fri Jun 23 14:23:53 2017 New Revision: 1799677 URL: http://svn.apache.org/viewvc?rev=1799677=rev Log: Fix a bug and a small integration support improvement after review by mgrigorov. Fix changelog after review by markt. Modified: tomcat/trunk/java/org/apache/catalina/valves/LoadBalancerDrainingValve.java tomcat/trunk/webapps/docs/changelog.xml Modified: tomcat/trunk/java/org/apache/catalina/valves/LoadBalancerDrainingValve.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/valves/LoadBalancerDrainingValve.java?rev=1799677=1799676=1799677=diff == --- tomcat/trunk/java/org/apache/catalina/valves/LoadBalancerDrainingValve.java (original) +++ tomcat/trunk/java/org/apache/catalina/valves/LoadBalancerDrainingValve.java Fri Jun 23 14:23:53 2017 @@ -68,7 +68,7 @@ public class LoadBalancerDrainingValve * The request attribute key where the load-balancer's activation state * can be found. */ -static final String ATTRIBUTE_KEY_JK_LB_ACTIVATION = "JK_LB_ACTIVATION"; +public static final String ATTRIBUTE_KEY_JK_LB_ACTIVATION = "JK_LB_ACTIVATION"; /** * The HTTP response code that will be used to redirect the request @@ -259,8 +259,7 @@ public class LoadBalancerDrainingValve // Re-write the URI if it contains a ;jsessionid parameter String uri = request.getRequestURI(); -String sessionURIParamName = "jsessionid"; -SessionConfig.getSessionUriParamName(request.getContext()); +String sessionURIParamName = SessionConfig.getSessionUriParamName(request.getContext()); if(uri.contains(";" + sessionURIParamName + "=")) uri = uri.replaceFirst(";" + sessionURIParamName + "=[^&?]*", ""); Modified: tomcat/trunk/webapps/docs/changelog.xml URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1799677=1799676=1799677=diff == --- tomcat/trunk/webapps/docs/changelog.xml (original) +++ tomcat/trunk/webapps/docs/changelog.xml Fri Jun 23 14:23:53 2017 @@ -52,6 +52,10 @@ protocol will trigger a warning in the logs since it is known to be insecure. (markt) + +Add LoadBalancerDrainingValve, a Valve designed to reduce the amount of +time required for a node to drain its authenticated users. (schultz) + @@ -147,10 +151,6 @@ variable for CGI executables is populated in a consistent way regardless of how the CGI servlet is mapped to a request. (markt) - -Add LoadBalancerDrainingValve, a Valve designed to reduce the amount of -time required for a node to drain its authenticated users. (schultz) - - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1799498 - in /tomcat/trunk: java/org/apache/catalina/valves/LoadBalancerDrainingValve.java test/org/apache/catalina/valves/TestLoadBalancerDrainingValve.java webapps/docs/changelog.xm
Martin, On 6/22/17 3:04 AM, Martin Grigorov wrote: > On Wed, Jun 21, 2017 at 9:05 PM,wrote: > >> +/** >> + * The request attribute key where the load-balancer's activation >> state >> + * can be found. >> + */ >> +static final String ATTRIBUTE_KEY_JK_LB_ACTIVATION = >> "JK_LB_ACTIVATION"; >> > > Any objection to make this constant public and visible from outside > ? I find it useful to be able to refer the constant by name than its > value when integrating. No objections. It looks like I'll have a follow-on patch shortly, so I can change this at the same time. >> +// Kill any session cookie present >> +if(null != cookies) { >> +for(Cookie cookie : cookies) { >> +final String cookieName = cookie.getName(); >> +if(containerLog.isTraceEnabled()) >> +containerLog.trace("Checking cookie " + >> cookieName + "=" + cookie.getValue()); >> + >> +if(sessionCookieName.equals(cookieName) >> + && request.getRequestedSessionId().equals(cookie.getValue())) >> { >> +sessionCookie = cookie; >> > > Is it a good idea to 'break' here ? > Do you expect more than one session cookies ?! No, but I do expect that there may be more interesting cookies later on in the list... >> +} else >> +// Is the client presenting a valid ignore-cookie >> value? >> +if(null != _ignoreCookieName >> +&& _ignoreCookieName.equals(cookieName) >> +&& null != _ignoreCookieValue >> +&& _ignoreCookieValue.equals(cookie.getValue())) >> { >> +ignoreRebalance = true; >> +} >> +} Like here ^. >> +// Re-write the URI if it contains a ;jsessionid parameter >> +String uri = request.getRequestURI(); >> +String sessionURIParamName = "jsessionid"; >> +SessionConfig.getSessionUriParamName(request.getContext()); >> > > It seems this bug has been inroduced during testing/debugging. > The return value of > "SessionConfig.getSessionUriParamName(request.getContext());" > is ignored and the sessionURIParamName is always "jsessionid". +1 I'll get that fixed. This Valve is a port of a Filter that I wrote earlier and evidently that got lost in the shuffle. Thanks for the review. -chris signature.asc Description: OpenPGP digital signature
Re: svn commit: r1799462 - in /tomcat/trunk: ./ java/org/apache/catalina/ha/session/ java/org/apache/catalina/ha/tcp/ java/org/apache/catalina/tribes/ test/org/apache/catalina/tribes/test/channel/ web
Mark, Sorry... I'll get this sorted today. Thanks, -chris On 6/21/17 5:26 PM, Mark Thomas wrote: > On 21/06/17 15:58, schu...@apache.org wrote: >> Author: schultz >> Date: Wed Jun 21 14:58:57 2017 >> New Revision: 1799462 >> >> URL: http://svn.apache.org/viewvc?rev=1799462=rev >> Log: >> Allow human-readable channelSendOptions and mapSendOptions in configurations. >> Patch provided by Igal Sapir. >> >> This closes #56. > > > > >> Modified: tomcat/trunk/webapps/docs/changelog.xml >> URL: >> http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/changelog.xml?rev=1799462=1799461=1799462=diff >> == >> --- tomcat/trunk/webapps/docs/changelog.xml (original) >> +++ tomcat/trunk/webapps/docs/changelog.xml Wed Jun 21 14:58:57 2017 >> @@ -230,6 +230,14 @@ >> >> >> >> + >> + >> + >> +61127Allow human-readable names for channelSendOptions >> and >> +mapSendOptions. Patch provided by Igal Sapir. (schultz) >> + >> + >> + >> >> >> > > Wrong version. 9.0.0.M22 had already been tagged. > > Mark > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > signature.asc Description: OpenPGP digital signature
Re: asyncError() is not valid while in Async state DISPATCHING
Hi, 2017-06-13 15:44 GMT+03:00 Mark Thomas: > > On 13/06/17 11:05, Violeta Georgieva wrote: > > 2017-06-13 13:04 GMT+03:00 Violeta Georgieva : > >> > >> Hi, > >> > >> > >> 2017-06-12 21:43 GMT+03:00 Mark Thomas : > >>> > >>> On 09/06/17 16:26, Violeta Georgieva wrote: > 2017-06-09 17:25 GMT+03:00 Mark Thomas : > >>> > >>> > >>> > > I've spent some time working through the various possible > > combinations > > of events and have concluded it is impossible to completely fix this > > without imposing additional requirements on applications that the > > specification doesn't mention. > > > > However, I believe that we can do better than the current > > implementation. What I have on mind would: > > > > - always trigger AsyncListener.onError() for all listeners > > - generally, process the complete() dispatch() call from the > > AsyncListener rather than any from the non-container thread > > - generally, throw an ISE if complete() or dispatch() is called > > from the non-container thread after that thread experiences an I/O > >error > > - leave a small timing window where it was possible that the > > complete() > > or dispatch() from the non-container thread would be used rather > > than > > from the AsyncListener. In that case the AsyncListener would see > > the > > ISE but any remaining AsyncListener instances would still be called > > > > I don't see a way of doing better than this without spec changes / > > clarifications. > > > > WDYT? > > +1 > I'm able to test the new behavior with my real web app. > >>> > >>> Excellent. I've committed my proposed fix. The async unit tests pass > >>> which is generally a good sign. If this works better with your real web > >>> application then we can look to back-port this. > >> > >> I'm seeing now the following exceptions: > > In the same run or different runs? > > > I back ported the fix to my local 8.5 branch in order to be able to test it > > ... > > > >> > >> java.lang.IllegalStateException: Calling [asyncComplete()] is not valid > > for a request with Async state [MUST_DISPATCH] > > It appears the application called dispatch() from a non-container thread > once the error state had been entered. We could block that but there is > a risk it will break valid use cases. Fundamentally, I don't believe the > app should be doing this. Ok I understand. > > >> at > > org.apache.coyote.AsyncStateMachine.doComplete(AsyncStateMachine.java:317) > > ~[tomcat-embed-core.jar!/:8.5.16-dev] > > > > >> == > >> > >> java.lang.NullPointerException: null > > Appears to be the same cause as above, but triggered at a different point. > What about at least not throw NPE? > >> at > > org.apache.catalina.core.AsyncContextImpl.setErrorState(AsyncContextImpl.java:411) > > ~[tomcat-embed-core.jar!/:8.5.16-dev] > > > > This is consistent with what I'd expect. In both of the above cases any > AsyncListener.onError() methods should execute but if the app continues > to do things on the non-container thread then there possibility of > exceptions remains. > Ok I understand. Can we back port the change to Tomcat 8.5 so that it is guaranteed that the AsyncListeners will be invoked on error. Thanks, Violeta > Mark > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org >
[Bug 61212] Slow application boot time due to constant jar file content read
https://bz.apache.org/bugzilla/show_bug.cgi?id=61212 --- Comment #2 from Adrianas--- We do have relativelly big spring based application with ~250mb of jars. After migrating from tc 7 to tc 8 application boot time significantly increased. Seems that most of the time is taken by a constant call to java.util.jar.JarFile.getJarEntry. Looks like tc8 class/resource loader on each ClassLoader.loadClass(String) iterates through all jars and asks each jar if resource exists (instead of caching jar content once in memory). tc 8 has the ability to read jar contens only once but to enable it we had to extend org.apache.catalina.webresources.StandardRoot with custom implementation. After change total time spent on org.apache.catalina.loader.WebappClassLoaderBase.loadClass(String) dropped from 87sec to 39sec. It was 40+sec of time wasted on constant jar content check. package org.apache.catalina.webresources; import org.apache.catalina.LifecycleException; import org.apache.catalina.WebResourceSet; /** * Created by adi on 09/06/2017. */ public class CustomStandardRoot extends org.apache.catalina.webresources.StandardRoot { @Override protected void startInternal() throws LifecycleException { super.startInternal(); for (WebResourceSet webResourceSet : getClassResources()) { if (webResourceSet instanceof AbstractArchiveResourceSet) { // Load Jar Content into Memory ((AbstractArchiveResourceSet)webResourceSet).getArchiveEntries(false); } } } } and register custom implementation in TOMCAT_HOME/conf/context.xml Context containerSciFilter="org.apache.tomcat.websocket.server.WsSci"> ... ... -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61212] Slow application boot time due to constant jar file content read
https://bz.apache.org/bugzilla/show_bug.cgi?id=61212 Adrianaschanged: What|Removed |Added Attachment #35072|After |Profile After description|| -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61212] Slow application boot time due to constant jar file content read
https://bz.apache.org/bugzilla/show_bug.cgi?id=61212 --- Comment #1 from Adrianas--- Created attachment 35072 --> https://bz.apache.org/bugzilla/attachment.cgi?id=35072=edit After -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61212] New: Slow application boot time due to constant jar file content read
https://bz.apache.org/bugzilla/show_bug.cgi?id=61212 Bug ID: 61212 Summary: Slow application boot time due to constant jar file content read Product: Tomcat 8 Version: 8.5.15 Hardware: PC OS: All Status: NEW Severity: normal Priority: P2 Component: Catalina Assignee: dev@tomcat.apache.org Reporter: abruzgu...@eisgroup.com Target Milestone: Created attachment 35071 --> https://bz.apache.org/bugzilla/attachment.cgi?id=35071=edit Profile Before We do have relativelly big spring based application with ~250mb of jars. After migrating from tc 7 to tc 8 application boot time significantly increased. Seems that most of the time is taken by a constant call to java.util.jar.JarFile.getJarEntry. Looks like tc8 class/resource loaded on each ClassLoader.loadClass(String) iterates throught all jars and asked each jar if resource exists instead of caching jar content once in memmory. tc 8 has the ability to read jar contens only once but to enable it we had to extend org.apache.catalina.webresources.StandardRoot iwth custom implementation. After change total time spent on org.apache.catalina.loader.WebappClassLoaderBase.loadClass(String) dropped from 87sec to 39sec. It was 40+sec of time wasted on constant jar content check. package org.apache.catalina.webresources; import org.apache.catalina.LifecycleException; import org.apache.catalina.WebResourceSet; /** * Created by adi on 09/06/2017. */ public class CustomStandardRoot extends org.apache.catalina.webresources.StandardRoot { @Override protected void startInternal() throws LifecycleException { super.startInternal(); for (WebResourceSet webResourceSet : getClassResources()) { if (webResourceSet instanceof AbstractArchiveResourceSet) { // Load Jar Content into Memory ((AbstractArchiveResourceSet)webResourceSet).getArchiveEntries(false); } } } } and register custom implementation in TOMCAT_HOME/conf/context.xml Context containerSciFilter="org.apache.tomcat.websocket.server.WsSci"> ... ... -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: svn commit: r1799653 - /tomcat/trunk/test/org/apache/coyote/http2/TestStream.java
Mark, thanks for the fix! > On 23 Jun 2017, at 18:29, ma...@apache.org wrote: > > Author: markt > Date: Fri Jun 23 10:29:56 2017 > New Revision: 1799653 > > URL: http://svn.apache.org/viewvc?rev=1799653=rev > Log: > Fixing typo (r1799648) changed response body length so test needed to be > updated. > > Modified: >tomcat/trunk/test/org/apache/coyote/http2/TestStream.java > > Modified: tomcat/trunk/test/org/apache/coyote/http2/TestStream.java > URL: > http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http2/TestStream.java?rev=1799653=1799652=1799653=diff > == > --- tomcat/trunk/test/org/apache/coyote/http2/TestStream.java (original) > +++ tomcat/trunk/test/org/apache/coyote/http2/TestStream.java Fri Jun 23 > 10:29:56 2017 > @@ -115,7 +115,7 @@ public class TestStream extends Http2Tes > "3-Header-[content-type]-[text/plain;charset=UTF-8]\n" + > "3-Header-[date]-[Wed, 11 Nov 2015 19:18:42 GMT]\n" + > "3-HeadersEnd\n" + > -"3-Body-43\n" + > +"3-Body-44\n" + > "3-HeadersStart\n" + > "3-Header-[x-trailer-2]-[Trailer value two]\n" + > "3-Header-[x-trailer-1]-[Trailer value one]\n" + > > > > - > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61210] When using the Security Manager, Tomcat prints warning about a non-existent file
https://bz.apache.org/bugzilla/show_bug.cgi?id=61210 --- Comment #4 from Coty Sutherland--- (In reply to Mark Thomas from comment #2) > I was thinking add a privileged block that tested if the file existed and > don't trigger the warning if it doesn't. Note I haven't dug into the code to > see hwo easy this would be yet. +1, that's what I was hoping for. I haven't played much with privileged blocks, but I can try and mock up a quick patch to do that. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
[Bug 61210] When using the Security Manager, Tomcat prints warning about a non-existent file
https://bz.apache.org/bugzilla/show_bug.cgi?id=61210 --- Comment #3 from Coty Sutherland--- (In reply to Konstantin Kolinko from comment #1) > 1. From your logs, you are running Tomcat 8.5.15. I am changing the Version > field to match that. I tested with 8.5.x too, apparently I copied the wrong logs. > 2. Generally, this is a feature. > The message text tells one to look into the catalina.policy file, > and there is a comment there that explains the issue. Like I said, the message is accurate however the file that it's warning about doesn't exist. This could cause users to see a warning in the log file that needs to be fixed when in fact there is no problem. > > Any ideas how to improve users' experience here? > > Allowing to read some random logging.properties files is not an option, > as it is insecure. I'm not sure what you're after here. I don't want anyone to be able to read the file :) I want the warning message to be conditional based on whether or not the file actually exists. -- You are receiving this mail because: You are the assignee for the bug. - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot success in on tomcat-trunk
The Buildbot has detected a restored build on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2492 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1799653 Blamelist: markt Build succeeded! Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: Need a help to begin.
On 22/06/17 13:43, Kasun Prabath Amarasinghe wrote: > I'm a computer Engineering undergraduate student. I would like to > contribute to open source projects. But I don't know where to start and how > to start.Can anyone guide me to start. > Welcome to the Apache Tomcat community. There is some useful information available at http://tomcat.apache.org/ Have a look at the links under "Get Involved" in the menu on the left hand side. We have recently started to mark some bugs as "Beginner" if we think they are suitable for someone new to the project. There aren't many of them yet. The most important thing is to do something that you find interesting. If you have any questions, or suggestions for how we can improve the experience for people new to the project, do let us know. Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1799653 - /tomcat/trunk/test/org/apache/coyote/http2/TestStream.java
Author: markt Date: Fri Jun 23 10:29:56 2017 New Revision: 1799653 URL: http://svn.apache.org/viewvc?rev=1799653=rev Log: Fixing typo (r1799648) changed response body length so test needed to be updated. Modified: tomcat/trunk/test/org/apache/coyote/http2/TestStream.java Modified: tomcat/trunk/test/org/apache/coyote/http2/TestStream.java URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/coyote/http2/TestStream.java?rev=1799653=1799652=1799653=diff == --- tomcat/trunk/test/org/apache/coyote/http2/TestStream.java (original) +++ tomcat/trunk/test/org/apache/coyote/http2/TestStream.java Fri Jun 23 10:29:56 2017 @@ -115,7 +115,7 @@ public class TestStream extends Http2Tes "3-Header-[content-type]-[text/plain;charset=UTF-8]\n" + "3-Header-[date]-[Wed, 11 Nov 2015 19:18:42 GMT]\n" + "3-HeadersEnd\n" + -"3-Body-43\n" + +"3-Body-44\n" + "3-HeadersStart\n" + "3-Header-[x-trailer-2]-[Trailer value two]\n" + "3-Header-[x-trailer-1]-[Trailer value one]\n" + - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
buildbot failure in on tomcat-trunk
The Buildbot has detected a new failure on builder tomcat-trunk while building . Full details are available at: https://ci.apache.org/builders/tomcat-trunk/builds/2491 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: silvanus_ubuntu Build Reason: The AnyBranchScheduler scheduler named 'on-tomcat-commit' triggered this build Build Source Stamp: [branch tomcat/trunk] 1799648 Blamelist: huxing BUILD FAILED: failed compile_1 Sincerely, -The Buildbot - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
svn commit: r1799648 - /tomcat/trunk/webapps/examples/WEB-INF/classes/trailers/ResponseTrailers.java
Author: huxing Date: Fri Jun 23 06:33:17 2017 New Revision: 1799648 URL: http://svn.apache.org/viewvc?rev=1799648=rev Log: Fix typo in trailer fileds example Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/trailers/ResponseTrailers.java Modified: tomcat/trunk/webapps/examples/WEB-INF/classes/trailers/ResponseTrailers.java URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/WEB-INF/classes/trailers/ResponseTrailers.java?rev=1799648=1799647=1799648=diff == --- tomcat/trunk/webapps/examples/WEB-INF/classes/trailers/ResponseTrailers.java (original) +++ tomcat/trunk/webapps/examples/WEB-INF/classes/trailers/ResponseTrailers.java Fri Jun 23 06:33:17 2017 @@ -47,7 +47,7 @@ public class ResponseTrailers extends Ht PrintWriter pw = resp.getWriter(); -pw.print("This reponse should include trailer fields."); +pw.print("This response should include trailer fields."); } - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] 8.0.x EOL - 30 June 2018
[ X ] +1 We should announce 8.0.x EOL for 30 June 2018 -- From:Mark ThomasTime:2017 Jun 22 (Thu) 23:18 To:Tomcat Developers List Subject:[VOTE] 8.0.x EOL - 30 June 2018 We had a couple of threads discussing this. I think it is time for a vote. [ ] +1 We should announce 8.0.x EOL for 30 June 2018 [ ] -1 We should announce 8.0.x EOL for [insert date here] [ ] -1 We should not announce 8.0.x EOL at this time Thanks, Mark - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
Re: [VOTE] Release Apache Tomcat 9.0.0.M22
Hi, The proposed 9.0.0.M22 release is: [ ] Broken - do not release [ X ] Alpha - go ahead and release as 9.0.0.M22 Unit test passed. Our test web application works fine. 1. There is a typo in trailers.ResponseTrailers, I will fix that later. 2. Actually I have a concern of the trailer field implementation. Should we add an extra whitespace between the trailer field name and trailer field, just to keep align with the head field format? In rfc7230 section 4.1.2 says the white space is optional. header-field = field-name ":" OWS field-value OWS But right now the format is inconsistent between header and trailer field. Examples: Escape character is '^]'. GET /examples/servlets/trailers/response HTTP/1.1 Host: hsf.taobao.net:8180 User-Agent: curl/7.47.0 Accept: */* HTTP/1.1 200 Content-Type: text/plain;charset=UTF-8 Transfer-Encoding: chunked Date: Fri, 23 Jun 2017 05:49:14 GMT 2b This reponse should include trailer fields. 0 x-trailer-2:Trailer value two x-trailer-1:Trailer value one BTW, Jetty[1] has an white space between trailer field name and value. https://webtide.com/http-trailers-in-jetty/ -- From:Mark ThomasTime:2017 Jun 21 (Wed) 22:18 To:Tomcat Developers List Subject:[VOTE] Release Apache Tomcat 9.0.0.M22 The proposed Apache Tomcat 9.0.0.M22 release is now available for voting. This is a milestone release for the 9.0.x branch. It should be noted that, as a milestone release: - Servlet 4.0 is not finalised - The EGs have not started work on JSP 2.4, EL 3.1 or WebSocket 1.2/2.0 The major changes compared to the 9.0.0.M21 release are: - Add a new JULI FileHandler configuration for specifying the maximum number of days to keep the log files. By default the log files will be kept 90 days. - Update the Servlet 4.0 implementation to add support for setting trailer fields for HTTP responses. - When pre-compiling with JspC, report all compilation errors rather than stopping after the first error. Along with lots of other bug fixes and improvements For full details, see the changelog: http://svn.apache.org/repos/asf/tomcat/trunk/webapps/docs/changelog.xml It can be obtained from: https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.0.M22/ The Maven staging repo is: https://repository.apache.org/content/repositories/orgapachetomcat-1137/ The svn tag is: http://svn.apache.org/repos/asf/tomcat/tags/TOMCAT_9_0_0_M22/ The proposed 9.0.0.M22 release is: [ ] Broken - do not release [ ] Alpha - go ahead and release as 9.0.0.M22 - To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org